European Parliament Agrees Text For Key ePrivacy Regulation; Online Advertising Industry Hates It

from the how-dare-people-refuse-to-be-tracked-online dept

Techdirt has mentioned a couple of times the EU's important ePrivacy Regulation that is currently working its way through the legislative process. It's designed to complement the EU's new General Data Protection Regulation (GDPR), which comes into force next year, and which is likely to have far-reaching effects. Where the GDPR is concerned with personal data "at rest" -- how it is stored and processed -- the ePrivacy Regulation can be thought of as dealing with personal data in motion. That is, how it is gathered and flows across networks. Since that goes to the heart of how the Internet works, it will arguably have an even bigger impact than the GDPR on the online world -- not just in the EU, but globally too.

That's led to lobbying on an unprecedented scale. A recent report on the Regulation by Corporate Europe Observatory quoted a source in the European Parliament as saying it was "one of the worst lobby campaigns I have ever seen". Despite that pressure, and a last-minute attempt to derail proceedings, the European Parliament has just agreed a text for the ePrivacy Regulation. That's not the end of the story -- the other parts of the European Union legislative machine will weigh in with their views, and seek to make changes, but it's an important milestone.

The European Parliament has produced an excellent briefing on the background to the ePrivacy Regulation (pdf), and on its main elements. A key feature is that it will apply to every business supplying Internet-based services, not just telecom companies. It will also regulate any service provided to end-users in the EU, no matter where the company offering it may be based. There are strict new rules on tracking services -- including, but not limited to, cookies. Consent to tracking "must be freely given and unambiguous" -- it cannot be assumed by default or hidden away on a Web page that no one ever reads. Cookie walls, which only grant access to a site if the visitor agrees to be tracked online, will be forbidden under the new ePrivacy rules.

IAB Europe, the main European-level association for the digital media and advertising industry, says giving the public the right to refuse to be tracked amounts to "expropriation":

"The European Parliament's text on the ePrivacy Regulation would essentially expropriate advertising-funded businesses by banning them from restricting or refusing access to users who do not agree to the data collection underpinning data-driven advertising," warned Townsend Feehan, CEO of IAB Europe.

The press release then goes to make the claim that online advertising simply must use tracking, and that visitors to a site are somehow morally obliged to give up their privacy in order to preserve the advertiser's "fundamental rights":

"Data-driven advertising isn't an optional extra; it is online advertising," explained Feehan. "Forcing businesses to grant access to ad-funded content or services even when users reject the proposed advertising value exchange, basically deprives ad-funded businesses of their fundamental rights to their own property. They would be forced to give something in return for nothing."

However, IAB Europe graciously goes on to say it "will continue to engage constructively with the EU institutions in hopes of meaningfully improving the draft law in the remaining legislative process." Translated, that means it will lobby even harder to get the cookie wall ban removed from the text during the final negotiations. IAB Europe is naturally most concerned with the issues that affect its members. But the European Parliament's text -- not the final one, remember, so things could still change -- includes some other extremely welcome elements. For example, the Regulation in its present form would require EU Member States to promote and even make mandatory the use of end-to-end encryption. Moreover, crypto backdoors would be explicitly banned:

In order to safeguard the security and integrity of networks and services, the use of end-to-end encryption should be promoted and, where necessary, be mandatory in accordance with the principles of security and privacy by design. Member States should not impose any obligation on encryption providers, on providers of electronic communications services or on any other organisations (at any level of the supply chain) that would result in the weakening of the security of their networks and services, such as the creation or facilitation of "backdoors".

As the above extracts indicate, the European Parliament's text offers strong support for the user's right to both encryption and privacy online. For that reason, we can expect it to be attacked fiercely from a number of quarters as haggling over the final text take place within the EU. Unfortunately, unlike the European Parliament's discussions, these negotiations will take place behind closed doors.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ads, advertising, eprivacy regulation, eu, eu parliament, privacy


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 30 Oct 2017 @ 3:49am

    Ah, but you have a choice

    "They would be forced to give something in return for nothing."

    No. They wouldn't. They're perfectly free to simply turn off their sites. They won't be missed: we have more than enough resources of all descriptions that are available without the filth of advertising, and more are being built every day.

    Don't let the door hit you in the ass on the way out, scumbags.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 30 Oct 2017 @ 4:24am

    ISDS

    I wonder if any ISDS treaties will come into play.

    link to this | view in thread ]

  3. icon
    Arthur Moore (profile), 30 Oct 2017 @ 4:30am

    Breaking the internet

    including, but not limited to, cookies. Consent to tracking "must be freely given and unambiguous" -- it cannot be assumed by default or hidden away on a Web page that no one ever reads. Cookie walls, which only grant access to a site if the visitor agrees to be tracked online, will be forbidden under the new ePrivacy rules.

    I actually have a problem with this part. the last time the EU did something like this we got all those useless, "This site uses cookies" banners everywhere. Now they're saying that sites must be able to operate without cookies.

    First, every site that does any sort of sign on will now require a new warning banner on that page. It's useless, since the site must use cookies to make sure logged in users are who they say they are.

    Second, goodbye any sort of site that does things based on sessions. Since it must work without cookies, it must work without sessions. Since that's not possible, they can't comply with the EU regulation. Things like shopping carts that don't require login run into the same issues as sing ons. They don't work without at least a session cookie.

    Third, is the annoyance factor. Some sites tried doing this when the banner requirement was first introduced. The problem is since it didn't store a cookie, it assumed the user was a new visitor on every page, and constantly popped up. Sure, that can be mitigated by looking at the referrer, but every new visit will be greeted with a banner.

    In theory tracking protection is a good idea. I can get behind things like banning browser fingerprinting or supercookies. Heck, I even agree with trying to regulate tracking pixels. However, the EUs track record with cookies is bad at best. I'm concerned that in their attempt to regulate the internet, they're just going to break it.

    link to this | view in thread ]

  4. icon
    MyNameHere (profile), 30 Oct 2017 @ 4:31am

    Unintended consequences

    Considering that Techdirt often prattles on about unintended consequences and slippery slopes, one has to wonder if nobody really thought this story through.

    Most of the sites you love (including this one) make some or all of their income from advertising. Targeted ads are what really pay the bills, the more they can show you that is relevant to where you have been or what you have searched for, the more likely you are to click the ad and thus, there is more value (and more pay!).

    Google ads commands a big part of the market, in part because they have their fingers in the pie all the time, so to speak. They know where you go, what you search, and so on. For mobile users they add on the go location data, and boom, perfect ads - and lots of revenue.

    On the other side of things, we know that the internet is a hard place to make money. When your income is often measures in tenths or hundreds of a cent per user visit or per page view, it's quite hard to find a point where you make a profit. Removing or limiting targeting in advertising would very likely kick the legs out from under the business model entirely, taking with it many of the sites you enjoy.

    So who makes money? Well, the two biggest money makers (from running non-hard good businesses) are Google and Facebook - two companies who make their income through ad targeting. They are two companies who track you incessantly and turn that knowledge into cash.

    Of course, the pat answer is to say "we don't need those garbage commercial sites clogging up our wonderful online commune", which sounds nice until you realize that the phone in your hand is at least partially paid via advertising. Apple holds you hostage to their app store and closed environment, and Android exists only really to further Google's grip on your data and you eyeballs. Take that away, and the point of making such things (and the money to do it) could evaporate overnight - or you could go back to paying for your OS and such, adding hundreds more dollars onto your phone price.

    The EU deal sounds go from the surface, but the unintended consequences are big. Remember, Techdirt slams 55 cookies from at least a half a dozen sources at you every visit. The EU rules would seem to suggest that wouldn't be acceptable anymore. I would really love to hear Mike chime in as to what the would do for the business model here.

    link to this | view in thread ]

  5. icon
    Stephen T. Stone (profile), 30 Oct 2017 @ 4:35am

    Re: Unintended consequences

    If a business model cannot work without the law protecting a business’s right to track people, that business model deserves to fail. The advertising companies can either adapt or perish.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 30 Oct 2017 @ 4:38am

    Re: Unintended consequences

    Advertising does not need that users are tracked, and in general the data analytics do not do that good a job at targeting adverts, and frequently wast effort by adverting something that you have just bought.

    link to this | view in thread ]

  7. icon
    MyNameHere (profile), 30 Oct 2017 @ 5:02am

    Re: Re: Unintended consequences

    Well, it works better than nothing, that is for sure.

    I am male. I don't see many (if any) ads for feminine hygiene products on Facebook, but my wife does. I do get plenty of ads for Tech gear, local restaurants, and other things that are more relevant to me.

    Unless they close the loop on knowing that you have bought something, they will tend to send you more ads about things you are interested in. But over time, that tends to go away as you move on to other topics.

    It would be better than showing you ads for Restaurants on the other side of the world, movies in languages you don't understand, and products that you cannot buy locally.

    link to this | view in thread ]

  8. icon
    Bergman (profile), 30 Oct 2017 @ 5:11am

    Re: Re: Unintended consequences

    All businesses track people to one extent or another -- if they didn't, they'd be unable to accept payments.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 30 Oct 2017 @ 5:16am

    Re: Re: Re: Unintended consequences

    It would be better than showing you ads for Restaurants on the other side of the world, movies in languages you don't understand, and products that you cannot buy locally.

    Those are total non issues, as the IP address locates you, (or the TOR exit node or the VPN), and your browser gives your language.

    link to this | view in thread ]

  10. icon
    Eldakka (profile), 30 Oct 2017 @ 5:17am

    Re: Breaking the internet

    It's useless, since the site must use cookies to make sure logged in users are who they say they are. Second, goodbye any sort of site that does things based on sessions. Since it must work without cookies, it must work without sessions. Since that's not possible, they can't comply with the EU regulation. Things like shopping carts that don't require login run into the same issues as sing ons. They don't work without at least a session cookie.

    Based on the wording of the what a cookie is in the linked PDF document, the EU are referring specifically to third-party persistent cookies, not to session or to first-party cookies , as per the sidebox on page 12:

    A cookie is information saved by the user's web browser. When visiting a website, a site might store cookies to recognise the user's device in the future upon their return to the page. By keeping track of a user over time, cookies can be used to customise a user's browsing experience, or to deliver targeted advertisements. First-party cookies are placed by the website visited to make experience on the web more efficient (e.g. they help sites remember items in the user shopping cart, or log-in names). Third-party cookies are placed by e.g. an advertising network to deliver ads to the online user, in the visitor's browser with the purpose of monitoring (through identifiers) their behaviour over time.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 30 Oct 2017 @ 5:18am

    Re: Re: Re: Unintended consequences

    There is a difference between information needed for a business transaction, and using third party cookies to track where on the Internet you go and have been.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 30 Oct 2017 @ 5:23am

    Re: Breaking the internet

    *DO NOT TRACK*

    If a website developer is willing to seriously think about when to set cookies and whether they are necessary, it is possible to make a website that can be browsed without cookies (trivial), only sets session cookies when someone logs in (Say: "logging in requires cookies" in the login screen.)

    For a shopping cart one only needs to popup a warning once (when there is no session cookie set yet). For each subsequent addition to the cart one may assume consent for the cookie, because it has already been set.

    As a web user with some web development experience I see those "in your face" cookie banners and/or cookie walls as an annoyance; either because of developer incompetence or management disagreeing with the results of a (democratic) political decision.

    *DO NOT TRACK*

    link to this | view in thread ]

  13. identicon
    ANother Anonymous Coward, 30 Oct 2017 @ 5:26am

    Re: Breaking the internet

    There are mulltiple ways of handling sessions other than cookies. Many of them are even more secure too.

    link to this | view in thread ]

  14. icon
    Ben (profile), 30 Oct 2017 @ 5:33am

    Re: Breaking the internet

    The text does not ban cookies. It bans tracking cookies that are shared between sites. Cookie-based session control is fine providing you don't provide that data to a third part.

    link to this | view in thread ]

  15. identicon
    Daniel, 30 Oct 2017 @ 5:46am

    Install "I dont care about cookies" browser extension and cookie warnings are history!

    https://www.i-dont-care-about-cookies.eu/

    link to this | view in thread ]

  16. icon
    Ben (profile), 30 Oct 2017 @ 5:49am

    Re: Re: Re: Re: Unintended consequences

    Globally, IP address location is appallingly inaccurate. For many ISPs it just locates you at _their_ HQ. And the data in the commercially available geo-location databases marks where the IP address WAS at one point, rather than where it is RIGHT NOW.

    I've seen logged in users on the sites I work on flip in a heart-beat from one end of Japan to the other because they've flipped ISP from domestic Wifi to LAN (for example) whilst keeping everything else consistent, or one mobile network to another whilst still logged in on the same device. (Of course this could also be evidence of incompetent session cookie stealing, but the behaviour is too consistent for that.)

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 30 Oct 2017 @ 6:32am

    Re: Breaking the internet

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 30 Oct 2017 @ 6:37am

    Re: Unintended consequences

    "and Android exists only really to further Google's grip on your data and you eyeballs."

    Say What?

    You dont really know much about this other than your FUD do you?

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 30 Oct 2017 @ 6:40am

    Re: They would be forced to give something in return for nothing.

    Nobody compels them to put content up. Clearly these guys didn't use the Internet before 2000. It was quite nice.

    The fact that an entire world industry has built an enterprise based on violating other peoples civil rights, does not mean that their activity is somehow just. Fascists don't stop being fascists because they are successful. If any legislative body had approached this problem in 1999, most of the advertising systems architecture would have ended up differently than it is today.

    Yes, preserving civil rights has a habit of upsetting billion dollar industries. We know that in states, because we experienced it in 1861 with the abolishment of slavery.

    So the logic here is basically the same as "too big to fail". Which is good for the guillotine business, but not much else.

    Note that while _some_ growth of the Internet was created by advertising, quality was also effected. At this point the drop in signal to noise ratio is causing the net utility of the Internet to DECLINE. IMHO it is accelerating towards equilibrium and utility will probably extend well below what it was before Internet advertising became a big thing.

    There are companies paying out huge money right now to people who have basically no experience in any subject, to write reams of bad copy on all kinds of scientific issues. It is being done to dilute the effectiveness of search algorithms, in a slow war to push enthusiast driven content off the Internet, and make the whole network one big TV style broadcast system.

    If these guys codify that this is acceptable behavior, then they've entrenched it even further into our cultural standards. And that is going to have consequences. Because there is a large cross section of society that finds this behavior appalling. Not just unpleasant, but utterly fucking intolerable.

    And we know where that leads. We've been there before.

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 30 Oct 2017 @ 6:55am

    I don't need three more fridges

    Yeah, user tracking works so well and helps to provide me with a great ad experience. When I'm looking for a fridge, I do my research online for models and prices. Then I buy the new fridge from a local store. But the ads are nagging me to buy more fridges for several days. And I love to see all the ads for beauty products after a female family member checked her preferred websites.

    I have no problem with ads, it's the micro payment system for free content. But I despise the user tracking. If I want some cookies, I got a great oven for baking some.

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 30 Oct 2017 @ 7:49am

    how dare anyone refuse to be tracked and prevent on-line companies from exploiting them in the name of profit! even worse, how dare anyone be in the position to be able to use encryption with no backdoors for law enforcement to gain access to personal electronic devices, so as to keep peoples right to privacy and freedom!
    i wonder how long before this is totally dismantled and the exact opposite happens instead?? i wonder which MEPs will be the ones who recommend the dismantling and what 'benefits' they get for doing so? and will there be any investigating done on those who do the recommending?? will there hell as like!!!

    link to this | view in thread ]

  22. icon
    Mason Wheeler (profile), 30 Oct 2017 @ 8:34am

    "The European Parliament's text on the ePrivacy Regulation would essentially expropriate advertising-funded businesses by banning them from restricting or refusing access to users who do not agree to the data collection underpinning data-driven advertising," warned Townsend Feehan, CEO of IAB Europe.

    You say that like it's a bad thing...

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 30 Oct 2017 @ 8:45am

    Re: Ah, but you have a choice

    This site is largely ad-supported. Do you believe techdirt is also run by scumbags?

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 30 Oct 2017 @ 8:50am

    Re: Re: They would be forced to give something in return for nothing.

    EXACTLY so. We had a perfectly fine network, in fact, when advertising was completely forbidden. I hope that when finally come to the collective realization that advertizers are bloodsucking parasites who add zero value to the Internet but take way security/privacy value, that we'll have one again.

    It didn't have to be this way. But advertizers themselves chose to MAKE it this way, by attacking privacy and security at every possible opportunity in order to squeeze out a few more cents of precious profit. They chose to MAKE themselves the enemy and they show no signs of regretting it.

    Fine. Treat them as one. Exterminate them.

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 30 Oct 2017 @ 9:02am

    Re: Re: Ah, but you have a choice

    Well if it makes your little heart feel better, then yes but the nicest possible scumbags

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 30 Oct 2017 @ 9:11am

    Re: Unintended consequences

    "Of course, the pat answer is to say "we don't need those garbage commercial sites clogging up our wonderful online commune", which sounds nice until you realize that the phone in your hand is at least partially paid via advertising. Apple holds you hostage to their app store and closed environment, and Android exists only really to further Google's grip on your data and you eyeballs. Take that away, and the point of making such things (and the money to do it) could evaporate overnight - or you could go back to paying for your OS and such, adding hundreds more dollars onto your phone price."

    Really the $900 I paid for my phone that is about $200-300 in parts doesn't pay for itself? Well then I guess the CEO and other management will have to take a discount on their multiple-millions in salary.

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 30 Oct 2017 @ 9:20am

    Re: Re: Re: Re: Re: Unintended consequences

    "Globally, IP address location is appallingly inaccurate"

    It is worth noting that IP address space really shouldn't have ever been allocated based on geographical distance anyway, and at first it wasn't.

    Before ICANN was ICANN, IP addresses was allocated based on _network_ distance, rather than geographical distance. The difference being that CIDR block allocation had to take into account datagram switching capacity. (routers aren't infinite) Geo based distance as a basis for allocation is substantially less efficient.

    So Geo-IP was always really dumb. I don't know which beurocracy was responsible for it. But you can bet that it was driven by governments. And probably telco execs who had just bought out Internet providers and wanted to cement regional monopoly markets without understanding the impact of making technical decisions based on graft and political territory piss stains.

    Services like Geo-IP is why you have OSI layer 5. It was just one of those things where somebody did something stupid (ICANN) with then created something that sortof looked like a marketing oportunity if you were willing to accept really bad engineering. Then a cascaded bad idea became cheaper to implement than doing the job right, and so you have this half-assed garbage instead of a proper solution.

    The whole problem really boils down to bad architecture dating back to the 80's. OSI layers 4 and 5 should be transposed, with the session layer being used for crypto and things like voluntary GeoIP. But that would require pretty much reengineering the entire switching fabric of the Internet. But if you want an Internet where civil rights are respected, that is what is going to have to happen. Like it or not.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 30 Oct 2017 @ 9:27am

    Re: Re: Re: Unintended consequences

    All businesses track people to one extent or another -- if they didn't, they'd be unable to accept payments.

    Why would my grocery store need to track me to accept my money?

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 30 Oct 2017 @ 9:28am

    Re: Re: Re: Unintended consequences

    Well, it works better than nothing, that is for sure.

    I disagree. Almost anywhere you see an ad, it would be better to have nothing there... which is exactly why people use adblockers.

    link to this | view in thread ]

  30. identicon
    Anonymous Coward, 30 Oct 2017 @ 9:32am

    Re: Unintended consequences

    Really? Google's ads are perfect?

    Maybe in theory, but in practice I'm no more likely to click them than any other ad online (read: never). Scratch that, I'm less likely to click them than the sorts of ads shown on, say, readthedocs.org. Those untargetted ads seem to actually better targeted than the targeted ones.

    link to this | view in thread ]

  31. icon
    Toom1275 (profile), 30 Oct 2017 @ 9:43am

    Re: Re: Re: They would be forced to give something in return for nothing.

    The ad companies have been racing each other to the bottom, and now they're receiving their prize.

    link to this | view in thread ]

  32. identicon
    Anonymous Coward, 30 Oct 2017 @ 10:26am

    Re: Re: Re: Unintended consequences

    > All businesses track people to one extent or another -- if they didn't, they'd be unable to accept payments.

    What a load of apologetic bull.

    link to this | view in thread ]

  33. identicon
    Anonymous Coward, 30 Oct 2017 @ 11:29am

    Re: Re: Re: They would be forced to give something in return for nothing.

    There were a few key events that created the situation we are in today.

    Sun took an appliance language it had on the shelf, (java) and declared that it could be a "virtual machine" would make client side execution of foreign code secure. Which was complete bullshit, and everybody knew it.

    At about the same time Redmond was in litigation for using racketeering tactics in the web browser world (which they did), and so everybody was shitting themselves about http portability, and so there was a rush to adopt SOMETHING that would make clean dynamic rendering work. So java as adopted, even though everybody knew it was going to pig-fuck the next decade of web security. Which it did.

    Over time hackers created tracking systems that the "virtual machine" was supposed to prevent. And even though those features violated state computer intrusion laws, which clearly demonstrated that Suns great "virtual machine" was bullshit, Sun just shrugged and sold out to Oracle.

    Then later on companies starting getting nervous because they were committing (and still are) a million felonies a day, so we started seeing efforts to externalize responsibility for the problem. Which is when we got the "Do not track header". Which is also complete bullshit because it is evaluated on the server side. And if the server admins read the fucking law, they would know that they've been committing a million felonies a day for a decade, and would have already moved to Mexico.

    link to this | view in thread ]

  34. identicon
    Anonymous Coward, 30 Oct 2017 @ 11:34am

    Re: Re: Re: Re: They would be forced to give something in return for nothing.

    " now they're receiving their prize."

    In the same fashion that the banks received theirs in 2008.

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 30 Oct 2017 @ 11:37am

    If it upsets Google/Facebook/etc, it's sure to be good for the internet.

    link to this | view in thread ]

  36. icon
    Toom1275 (profile), 30 Oct 2017 @ 12:55pm

    Re: Re: Ah, but you have a choice

    Techdirt has ads? /s

    I haven't bothered to disable them, and uBlock's off for this site. They aren't as obnoxious here as in other places.

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 30 Oct 2017 @ 1:16pm

    Re: Re: Unintended consequences

    "which sounds nice until you realize that the phone in your hand is at least partially paid via advertising"

    What phone? Oh, you're referring to that lojack device that I have to put in a fucking faraday cage by the front door to keep it from being used to take pictures and record audio inside my home without my consent?

    Most people can't live without their cell phones. I choose to live without one. I would sincerely like to have mobile communications. I used to have several of them. But once they all became I.P. enabled, I knew the jig was up.

    People who honor the Constitution are, at this time, being denied potentially life saving services (cell phones) because the only products available in the market are criminally invasive of their civil rights.

    That people are conceding their rights en mass, does not mean that they are unaware of the choice that they are being forced to make. And being compelled by market leverage, is not the same thing as consent.

    The industry argument is: "well people don't mind, we've been doing it for years". John C. Calhoun made similar arguments about his slaves. Failing to preserve Constitutionally recognized boundaries of interpersonal privacy in modern legislation will end up being the modern version of the three fifths compromise.

    link to this | view in thread ]

  38. icon
    MyNameHere (profile), 30 Oct 2017 @ 1:44pm

    Re: Re: Unintended consequences

    Pretty much everything Google has been involved in is designed to extend their reach, to drive people to their search and as a result on to other sites with Google ads on them. It also drives their market for selling paid listings.

    Any time Google is doing something for free, the underlying premise is market position and ubiquity of their search and search products, which in turn feeds their ad market (which brings in billions).

    It's not FUD. It's why they spend tons of money on an OS that brings them little direct return.

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 30 Oct 2017 @ 1:44pm

    Re: Re: Re: Unintended consequences

    Cheap and simple mobile phones without cameras and capabilities to run apps are available, and are cheap,. They are good enough to make phone calls and exchange text messages, and for anything else while out and about, laptops are available.

    link to this | view in thread ]

  40. icon
    MyNameHere (profile), 30 Oct 2017 @ 1:47pm

    Re: Re: Breaking the internet

    It's very likely that many of those methods might be illegal under the proposed European law. Things like ETAGs would not be allowed to be tracked, as it would be "inter-site" which is would no longer be valid.

    My guess would be as new ways to track are found, they would be added to a list of unacceptable ways to track users. EU sites doing so would be in violation of at least the spirit of the law.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 30 Oct 2017 @ 1:59pm

    Re: Re: Unintended consequences

    I don't use any Google or Apple products. My StupidPhone cost about $40 at Target...six years ago. I'm not on any social media. I own no IOT devices. If, tomorrow, Google, Apple, Facebook, Twitter, Instagram, etc. all vanished without a trace it would have no impact on me -- well, other than to remove some persistent annoyances, like all the spam that Twitter sends out. (But it's merely an annoyance: I blacklisted them years ago.)

    So tell me again how I am, in some way, indebted to these companies.

    link to this | view in thread ]

  42. icon
    flyinginn (profile), 30 Oct 2017 @ 4:12pm

    Re: Re: Unintended consequences

    I've been swamped with unsolicited advertising for beehives for 48 hours now because of a moment's curiosity. Beehives. I can certainly solve the problem - but not all the sites I browse are happy with TOR, and I don't want to spend hours going over my cookie list to delete the trash. The problem is that passive advertising is generally acceptable but "targeted" advertising is about as precise as being vomited on by the local drunk outside a bar on Friday night. It should be blindingly obvious that this is simply ad-spamming and shows total indifference to readers who might otherwise be disposed to buy their products. It's also worth noting that if tracking is essential for company viability, then when do we start to hear lobbying that insists tracking cookies are protected by law? After all, how can you allow cookie removal but refuse cookie-proofing?

    The MEPs should be congratulated for a burst of sanity. I predict that the demise of involuntary or extortion-based tracking cookies will make precisely no difference at all to internet economics.

    link to this | view in thread ]

  43. icon
    orbitalinsertion (profile), 30 Oct 2017 @ 4:21pm

    Re: Re: Ah, but you have a choice

    The thing is, ads do not have to involve tracking. If the playing field is leveled to "place your ad or don't", that would make all ad displays equal anyway, although it might be super sad for some collect 'em all data-driven industry "innovators". Really it could free the ad industry from another cost without actually proven benefits. But sure, try to take that kind of snooping and control from some, and they will always whine, regardless as to whether it does them or their bottom line any good.

    link to this | view in thread ]

  44. icon
    orbitalinsertion (profile), 30 Oct 2017 @ 4:40pm

    Re: Unintended consequences

    Are you claiming the advertising industry would disappear without cookies or other tracking?

    Advertising money will circulate no matter what. If they are limited to plain old fashioned advertising, the advertising economy will adjust. Companies have always, massive tracking or none at all, been paying advertisers largely for nothing. And in a world with an internet through which you can search for things you might want, you can find options of which you had never heard, and do a much better job than any advertiser, ever.

    If post-tracking ban, advertisers really want to charge less for their services and pay less for sites to host ads, or sell more ads, that's pretty much on them. They would be paying a lot less without all the tracking stuff they felt they had to do to keep up with other outfits.

    Of course, ad-supported sites wouldn't have it so bad if the hosting (somewhat) and business-class ISP costs were not a few magnitudes of order out of whack with reality. Maybe they would have to adjust too.

    But i can count on one hand the number of times i have ever clicked an ad out of interest, static or targeted. Ads suck, and they always will. The entire industry is built on a belief system more than reality, and they probably pretty much know that deep down, as evidenced by what their data tells them.

    link to this | view in thread ]

  45. icon
    orbitalinsertion (profile), 30 Oct 2017 @ 5:01pm

    Re: Re: Re: Re: They would be forced to give something in return for nothing.

    I really don't think Java was ever used so much, definitely not to the extent of underpinning sites and browsers. Since way back, until today, there have been requests to install a particular version or enable Java to use some odd Java item i decided to use, and it is pretty rare.

    Re-reading your post, i am guessing you are talking about Javascript, which has nothing to do at all with Java or virtual machines, and lolno is not secure. Netscape developed it after they re-wrote Mosaic to make a commercial web browser. (They did use Java in the browser but i don't recall java applets making up much advertising and certainly not general web page rendering. A site that ran entirely in a jvm, it think, would be far more rare than say, the dumber and far worse all-Flash sites. If you want to talk about a horribly insecure, tracky, and much abused technology...)

    link to this | view in thread ]

  46. icon
    orbitalinsertion (profile), 30 Oct 2017 @ 5:08pm

    Re:

    I am thinking "expropriate" should be used like "defenestrate". For fun and language-creep. K-I-L-L-E-D: Revoked.

    link to this | view in thread ]

  47. icon
    That One Guy (profile), 30 Oct 2017 @ 7:25pm

    Re: Re: Ah, but you have a choice

    Pretty sure that's not accurate, as I seem to remember various TD staff saying that the ad revenue they get is rather pathetic, and the site is supported in other ways.

    link to this | view in thread ]

  48. identicon
    Anonymous Coward, 30 Oct 2017 @ 8:21pm

    Re:

    Even better, install the "I don't care about privacy" browser extension. Every website you visit will be automatically given your full name, age, gender, national identity or social security number, credit card number (complete with security code), shipping address, phone number and more! You won't even be asked! It will save you untold time having to enter all that information manually!

    http://i-am-an-idiot.eu/

    link to this | view in thread ]

  49. icon
    The Wanderer (profile), 31 Oct 2017 @ 5:43am

    Re: Re:

    Or hear either one of those words in the voice of a Dalek.

    link to this | view in thread ]

  50. identicon
    Anonymous Coward, 31 Oct 2017 @ 6:00am

    Re: Re: Re: Re: Unintended consequences

    The technical distinction is less simple than you might suppose. It is cheaper to make one device in two modes than it is to make two devices. The only way that a consumer might reasonably know if what you said was true would be to rip the phone apart, get the chip number, and look up its capabilities. Which I'm confident enough to say, would invariably inform you that you are wrong in your assertion.

    The FDA labels what may violate American body. But for psychologically abusive marketing practices, no such labels exist for the much more severe violations that are continuously perpetrated against the American mind.

    The degree of engineering integral to that emotional and psychological battery has achieved a state of depravity that dwarves the techniques used in 1930's Germany.

    I don't know that much. But I know enough about the psychological techniques to identify them when I see them, and I know a little about the law, and I know a lot about the technology. And what is going on right now is a fucking crime.

    It has been since around 2005, and it has been getting progressively worse since then.

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 31 Oct 2017 @ 6:58am

    Re: Re: Re: Re: Re: They would be forced to give something in return for nothing.

    Yes I was referring to js. Yes, many sites use js to track. Typically we are talking about something like an Ajax style architecture, though the backend languages vary somewhat.

    TD itself is Ajax based I think. Derived from slash isn't it?

    Tracking has existed since the inception of HTML. Thinking back the "previous-site" header was in the spec at least since html 1.0, (around when I first started learning it) and has been respected by all browsers that I know of since then. It preceded cookies. (I may have the header name wrong, I haven't touched that part of the protocol stack in awhile)

    That header field was a questionable move at the time, but it was the easiest way to provide any context to web server logs. And the web was still for nerds then. Cookies extended that, and at the time there was a lot of grimacing that took place. Front end developers and marketing chicks liked cookies because it gave them features that their e-commerce customers wanted. But many network and infosec guys saw that the trend was really going in the wrong direction.

    Now there is millions lines of source code out there, in thousands of systems fucking with peoples civil rights in ways that extend well beyond the boundaries of the law.

    Instead of demanding that the engineering come into conformance with the law, the EU has decided to change the law. All because there is billion dollars worth of marketing hype built atop a weekend hack that was probably written between bong hits.

    Everybody knew this was the wrong way to do it at the time. It was just that nobody wanted to pay the money to write a real solution. And market entropy evolves on whatever foundation is available. Current web architecture was created on several really bad foundations.

    It is very much like the 3/5's compromise. It was ALWAYS a bad idea. The longer you wait to fix it, the worse it's going to get.

    link to this | view in thread ]

  52. identicon
    Anonymous Coward, 31 Oct 2017 @ 1:10pm

    Re: I don't need three more fridges

    "beauty products" is a nice way to put it. Wait till it stop being ads for beauty products and starts being for things like pregnancy support products and services, and you've got a couple of daughters and a wife that it could be about.

    Whats more, because of that invasion of privacy, a lot of people simply wouldn't search for things pertinent to their own health and welfare. The tracking ends up being a DOS, because it causes people to fear seeking support in their lives.

    Tracking produces leverage between people, but it does not elevate anything.

    link to this | view in thread ]

  53. icon
    Talmyr (profile), 7 Nov 2017 @ 2:28am

    Re: Re:

    Why does that point to the British Government homepage?

    /s

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.